Hi All,
I have ~800 user groups which I need to take a back up from AEMaaCS using acl-packager ( refer below url )
I am trying to copy past the groups 1 by 1 into the package definition. But it's not worth doing it. Is there any automated way to create the ACL package programatically ?
Any suggestions are appreciated. Thank you in advance.
Solved! Go to Solution.
Views
Replies
Total Likes
This is very basic example of a groovy
import com.day.cq.security.util.AuthorizableUtil
import org.apache.jackrabbit.vault.fs.api.PathFilterSet
import org.apache.jackrabbit.vault.packaging.JcrPackage
import org.apache.jackrabbit.vault.packaging.JcrPackageDefinition
import org.apache.jackrabbit.vault.packaging.PackageManager
import org.apache.jackrabbit.vault.packaging.impl.JcrPackageManagerImpl
import javax.jcr.Session
def session = repository.loginService("readService", null) // Use service user for security best practices
def packageManager = new JcrPackageManagerImpl(session)
def packageName = "acl-package"
def packageGroup = "my-packages"
def packageVersion = "1.0"
// Create package path
def packagePath = "/etc/packages/${packageGroup}/${packageName}-${packageVersion}.zip"
// Create a new package
JcrPackage jcrPackage = packageManager.create(packageGroup, packageName, packageVersion)
JcrPackageDefinition packageDefinition = jcrPackage.getDefinition()
packageDefinition.set("description", "Package containing ACLs and content")
// Create filter to include nodes and ACLs
def filter = packageDefinition.getMetaInf().getFilter()
// Paths to include
def paths = ["/home/users", "/home/groups"]
def contentPath = "/content"
// Add paths to the filter
paths.each { path ->
def filterSet = new PathFilterSet(path)
filter.add(filterSet)
// Include ACLs for each path
def aclFilterSet = new PathFilterSet(path + "/rep:policy")
filter.add(aclFilterSet)
}
// Include ACLs for the /content section for those groups
def groupManager = session.getUserManager().getGroupManager()
def allGroups = groupManager.findAuthorizables("rep:groupId", "*", AuthorizableType.GROUP)
allGroups.each { group ->
def groupId = group.getID()
def groupAclPath = "${contentPath}/rep:policy/rep:principalName/${groupId}"
if (session.itemExists(groupAclPath)) {
def contentAclFilterSet = new PathFilterSet(groupAclPath)
filter.add(contentAclFilterSet)
}
}
// Save the package
jcrPackage.save(session)
session.save()
session.logout()
println "ACL package created successfully at ${packagePath}"
I haven't done this myself but found this article where there is python script to do this. Check this link out which might be helpful to you.
https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-16448
Views
Replies
Total Likes
@gkalyan I got it but I have ~500 + user groups. So Its bit hard for me to execute and find the path and do the package. Rather I use acl-package instead. Anyways thank you
Views
Replies
Total Likes
Hi @Jagadeesh_Prakash
Maybe ACL packager help?
Views
Replies
Total Likes
Views
Replies
Total Likes
Hi @gkalyan
Sorry, I overlooked.
@Jagadeesh_Prakash if yo have a groovy script enabled then you can use groovy to create package with any definition/paths.
@arunpatidar Yes that's the option I was looking at. But you have any sample with that can you post it here. Or else once I am done with the groovy I will post it as well.
Views
Replies
Total Likes
This is very basic example of a groovy
import com.day.cq.security.util.AuthorizableUtil
import org.apache.jackrabbit.vault.fs.api.PathFilterSet
import org.apache.jackrabbit.vault.packaging.JcrPackage
import org.apache.jackrabbit.vault.packaging.JcrPackageDefinition
import org.apache.jackrabbit.vault.packaging.PackageManager
import org.apache.jackrabbit.vault.packaging.impl.JcrPackageManagerImpl
import javax.jcr.Session
def session = repository.loginService("readService", null) // Use service user for security best practices
def packageManager = new JcrPackageManagerImpl(session)
def packageName = "acl-package"
def packageGroup = "my-packages"
def packageVersion = "1.0"
// Create package path
def packagePath = "/etc/packages/${packageGroup}/${packageName}-${packageVersion}.zip"
// Create a new package
JcrPackage jcrPackage = packageManager.create(packageGroup, packageName, packageVersion)
JcrPackageDefinition packageDefinition = jcrPackage.getDefinition()
packageDefinition.set("description", "Package containing ACLs and content")
// Create filter to include nodes and ACLs
def filter = packageDefinition.getMetaInf().getFilter()
// Paths to include
def paths = ["/home/users", "/home/groups"]
def contentPath = "/content"
// Add paths to the filter
paths.each { path ->
def filterSet = new PathFilterSet(path)
filter.add(filterSet)
// Include ACLs for each path
def aclFilterSet = new PathFilterSet(path + "/rep:policy")
filter.add(aclFilterSet)
}
// Include ACLs for the /content section for those groups
def groupManager = session.getUserManager().getGroupManager()
def allGroups = groupManager.findAuthorizables("rep:groupId", "*", AuthorizableType.GROUP)
allGroups.each { group ->
def groupId = group.getID()
def groupAclPath = "${contentPath}/rep:policy/rep:principalName/${groupId}"
if (session.itemExists(groupAclPath)) {
def contentAclFilterSet = new PathFilterSet(groupAclPath)
filter.add(contentAclFilterSet)
}
}
// Save the package
jcrPackage.save(session)
session.save()
session.logout()
println "ACL package created successfully at ${packagePath}"
Thank you @arunpatidar
Views
Replies
Total Likes